Podcast
Questions and Answers
What is one way to prevent someone from viewing your data?
What is one way to prevent someone from viewing your data?
- Deleting the data
- Sharing the data openly
- Compressing the data
- Using full disk encryption (correct)
What does encrypting data at rest refer to?
What does encrypting data at rest refer to?
- Encrypting data on a mobile device
- Encrypting data during transmission
- Encrypting data on cloud servers
- Encrypting information on a storage drive (correct)
What feature of NTFS on Microsoft Windows allows selective encryption of files or folders?
What feature of NTFS on Microsoft Windows allows selective encryption of files or folders?
- File compression
- Disk cleanup utility
- File sharing settings
- Built-in encryption functionality (correct)
Why is it important to manage the decryption key when encrypting data?
Why is it important to manage the decryption key when encrypting data?
Where are some decryption keys stored when using Active Directory in Microsoft environments?
Where are some decryption keys stored when using Active Directory in Microsoft environments?
What is a debated topic in the industry regarding user passwords?
What is a debated topic in the industry regarding user passwords?
What security measure should be considered if you work in a public area like a coffee shop or airport?
What security measure should be considered if you work in a public area like a coffee shop or airport?
What is the reason for not assigning administrator access to everyone in an organization?
What is the reason for not assigning administrator access to everyone in an organization?
Why should default accounts on operating systems be avoided?
Why should default accounts on operating systems be avoided?
What is the purpose of automatically locking the system after inactivity?
What is the purpose of automatically locking the system after inactivity?
What security policy dictates how many failed password attempts result in an account lockout in Microsoft Windows?
What security policy dictates how many failed password attempts result in an account lockout in Microsoft Windows?
What is the purpose of disabling guest accounts on devices?
What is the purpose of disabling guest accounts on devices?
Why are unnecessary accounts recommended to be disabled on operating systems?
Why are unnecessary accounts recommended to be disabled on operating systems?
What is the purpose of restricting logins during specific hours of the day?
What is the purpose of restricting logins during specific hours of the day?
What is entropy when discussing password complexity?
What is entropy when discussing password complexity?
Why are uppercase, lowercase, and special characters recommended in passwords?
Why are uppercase, lowercase, and special characters recommended in passwords?
What is generally considered a strong password in today's standards?
What is generally considered a strong password in today's standards?
Why are passwords often configured to automatically expire after a certain amount of time?
Why are passwords often configured to automatically expire after a certain amount of time?
Why does a system remember your used passwords?
Why does a system remember your used passwords?
Why does an attacker target default usernames and passwords on devices?
Why does an attacker target default usernames and passwords on devices?
What is the purpose of an administrator password in UEFI BIOS?
What is the purpose of an administrator password in UEFI BIOS?
What is a best practice regarding system passwords?
What is a best practice regarding system passwords?
Why would an operating system automatically lock the screen when a user is away?
Why would an operating system automatically lock the screen when a user is away?
Study Notes
- Encrypting data is important to keep it secure, especially at rest on storage drives.
- Full disk encryption (FDE) encrypts entire drives for maximum security.
- Individual files or folders can also be encrypted, often built into file systems like NTFS on Windows.
- USB drives should be encrypted due to easy loss.
- Decryption keys should be managed carefully to avoid loss.
- Active Directory can store decryption keys for backup and recovery.
- Complex passwords are essential for strong security, with a focus on entropy (unpredictability).
- Passwords should be 8 characters or longer, contain a mix of uppercase, lowercase, and special characters.
- Password policies encourage regular expiration and password rotation.
- Default usernames and passwords should be changed during setup for device security.
- UEFI BIOS passwords secure access to device configurations.
- Passwords protect access to sensitive Personally Identifiable Information (PII).
- Privacy filters and careful monitor placement can protect sensitive data from prying eyes.
- Access to resources should be granted based on job function and need.
- Administrative access should not be granted to everyone in an organization.
- Group permissions should be assigned to users based on job function.
- Network access can be restricted during certain hours.
- Unnecessary accounts can be disabled.
- Default settings and accounts should be changed for security reasons.
- Account lockout thresholds prevent brute force attacks.
- Interactive logon policies can lock the system after a period of inactivity or user absence.
- AutoRun feature, which automatically executes files on removable media, was removed for security reasons in Windows 7 and later.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Explore the concept of encrypting data at rest using full disk encryption (FDE) to secure information stored on a drive. Learn about encrypting individual files or folders as an alternative approach to enhance data security.
